<?php
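/**
 * Data-access and session helper for administrator accounts.
 *
 * All queries run on the global mysqli connection `$db`. Every value that
 * comes from a caller is sent through a prepared statement and is never
 * concatenated into the SQL text, so it cannot change the structure of
 * the query.
 *
 * NOTE(review): passwords are stored and compared as unsalted MD5, which
 * is not a password hash. The format is kept here because existing rows
 * (and the width of the `password` column, not visible from this file)
 * depend on it. Migrate to password_hash()/password_verify(), upgrading
 * each row on its next successful login.
 *
 * Read queries rely on mysqli_stmt_get_result(), which needs the mysqlnd
 * driver.
 */
class AdminManager extends ObjectManager {
	/**
	 * Execute a prepared write statement and release it.
	 *
	 * @param mysqli_stmt|false $stmt Statement from mysqli_prepare(), already bound.
	 * @return bool True when the statement executed successfully.
	 */
	private function adminExecuteWrite($stmt) {
		if ($stmt === false) {
			return false;
		}
		$ok = mysqli_stmt_execute($stmt);
		mysqli_stmt_close($stmt);
		return $ok;
	}

	/**
	 * Execute a prepared read statement and hand back its buffered result.
	 *
	 * @param mysqli_stmt|false $stmt Statement from mysqli_prepare(), already bound.
	 * @return mysqli_result|false Result set, or false on any failure.
	 */
	private function adminExecuteRead($stmt) {
		if ($stmt === false) {
			return false;
		}
		if (!mysqli_stmt_execute($stmt)) {
			mysqli_stmt_close($stmt);
			return false;
		}
		$result = mysqli_stmt_get_result($stmt);
		mysqli_stmt_close($stmt);
		return $result;
	}

	/**
	 * Validate a row id that the SQL compares as a bare number.
	 *
	 * @param mixed $id Caller-supplied id.
	 * @return int|false The id as an integer, or false when it is not one.
	 */
	private function adminNormalizeId($id) {
		return filter_var($id, FILTER_VALIDATE_INT);
	}

	/**
	 * Insert a new user row.
	 *
	 * @param array $object Must contain 'user_name' and 'pass_word'.
	 * @return bool True when the row was inserted.
	 */
	public function addObject($object) {
		global $db;
		if (!isset($object['user_name'], $object['pass_word'])) {
			return false;
		}
		$user = $object['user_name'];
		// NOTE(review): unsalted MD5, kept only for compatibility with stored rows.
		$password = md5($object['pass_word']);
		$stmt = mysqli_prepare($db, "INSERT INTO `tbl_User`(`username`, `password`) VALUES (?, ?)");
		if ($stmt === false) {
			return false;
		}
		mysqli_stmt_bind_param($stmt, 'ss', $user, $password);
		return $this->adminExecuteWrite($stmt);
	}

	/**
	 * Delete the user row with the given id.
	 *
	 * @param mixed $id Integer row id; anything else is rejected.
	 * @return bool True when the DELETE executed.
	 */
	public function deleteObject($id) {
		global $db;
		// Reject non-integers outright: a loosely coerced id on a DELETE
		// could match a row the caller never named.
		$rowId = $this->adminNormalizeId($id);
		if ($rowId === false) {
			return false;
		}
		$stmt = mysqli_prepare($db, "delete from tbl_User where id=?");
		if ($stmt === false) {
			return false;
		}
		mysqli_stmt_bind_param($stmt, 'i', $rowId);
		return $this->adminExecuteWrite($stmt);
	}

	/**
	 * Update name and address of a row in tbl_quan_ly.
	 *
	 * @param array $object Must contain 'ho_ten', 'dia_chi' and 'id_quan_ly'.
	 * @return bool True when the UPDATE executed.
	 */
	public function updateObject($object) {
		global $db;
		if (!isset($object['ho_ten'], $object['dia_chi'], $object['id_quan_ly'])) {
			return false;
		}
		$name = $object['ho_ten'];
		// NOTE(review): the previous query interpolated dia_chi without
		// quotes; confirm no caller passes it pre-quoted, since a bound
		// value is stored literally.
		$address = $object['dia_chi'];
		$managerId = $object['id_quan_ly'];
		$stmt = mysqli_prepare($db, "update tbl_quan_ly set ho_ten = ?, dia_chi = ? where id_quan_ly = ?");
		if ($stmt === false) {
			return false;
		}
		mysqli_stmt_bind_param($stmt, 'sss', $name, $address, $managerId);
		return $this->adminExecuteWrite($stmt);
	}

	/**
	 * Fetch every row of tbl_User.
	 *
	 * @return mysqli_result|false Result set, or false on failure.
	 */
	public function getObjects() {
		global $db;
		// Constant query text: nothing caller-supplied reaches it.
		return mysqli_query($db, "select * from tbl_User");
	}

	/**
	 * Not implemented; returns nothing.
	 *
	 * NOTE(review): column names and sort directions cannot be bound as
	 * statement parameters. When this is implemented, compare both
	 * arguments against a fixed allow-list before they reach the SQL.
	 *
	 * @param mixed $column
	 * @param mixed $type
	 */
	public function getObjectsSort($column, $type) {
	}

	/**
	 * Find users whose username contains the given text.
	 *
	 * '%' and '_' inside $text still act as LIKE wildcards.
	 *
	 * @param string $text Substring to look for.
	 * @return mysqli_result|false Result set, or false on failure.
	 */
	public function findObjectsByText($text) {
		global $db;
		$pattern = '%' . $text . '%';
		$stmt = mysqli_prepare($db, "select * from tbl_User where username like ?");
		if ($stmt === false) {
			return false;
		}
		mysqli_stmt_bind_param($stmt, 's', $pattern);
		return $this->adminExecuteRead($stmt);
	}

	/**
	 * Fetch a single user row by id.
	 *
	 * @param mixed $id Integer row id; anything else is rejected.
	 * @return array|false The row as an associative array, or false unless exactly one row matches.
	 */
	public function findObjectById($id) {
		global $db;
		$rowId = $this->adminNormalizeId($id);
		if ($rowId === false) {
			return false;
		}
		$stmt = mysqli_prepare($db, "select * from tbl_User where id=?");
		if ($stmt === false) {
			return false;
		}
		mysqli_stmt_bind_param($stmt, 'i', $rowId);
		$result = $this->adminExecuteRead($stmt);
		if ($result === false || mysqli_num_rows($result) !== 1) {
			return false;
		}
		return mysqli_fetch_assoc($result);
	}

	/**
	 * Run the lookup used to test whether a user id exists.
	 *
	 * @param mixed $id Id to look up; compared as a string, as before.
	 * @return mysqli_result|false Result set, or false on failure.
	 */
	public function check($id) {
		global $db;
		$lookupId = (string) $id;
		$stmt = mysqli_prepare($db, "select * from tbl_User where id= ?");
		if ($stmt === false) {
			return false;
		}
		mysqli_stmt_bind_param($stmt, 's', $lookupId);
		return $this->adminExecuteRead($stmt);
	}

	/**
	 * Authenticate a user and populate the session on success.
	 *
	 * @param string $username Submitted user name.
	 * @param string $pass Submitted plain-text password.
	 * @return bool True when exactly one row matches the credentials.
	 */
	public function login($username, $pass) {
		global $db;
		// NOTE(review): unsalted MD5, kept only for compatibility with stored rows.
		$digest = md5($pass);
		$stmt = mysqli_prepare($db, "select * from tbl_User where username=? and password=?");
		if ($stmt === false) {
			return false;
		}
		mysqli_stmt_bind_param($stmt, 'ss', $username, $digest);
		$result = $this->adminExecuteRead($stmt);
		if ($result === false || mysqli_num_rows($result) !== 1) {
			return false;
		}

		if (session_status() !== PHP_SESSION_ACTIVE) {
			session_start();
		}
		// Issue a fresh session id at the privilege change so an id that
		// was known before authentication is not carried into the
		// logged-in session (session fixation).
		session_regenerate_id(true);

		$r = mysqli_fetch_assoc($result);
		// NOTE(review): other queries in this class use the columns `id`
		// and `username`; confirm tbl_User really has `id_user` and
		// `full_name`.
		$_SESSION['id'] = $r['id_user'];
		$_SESSION['name'] = $r['full_name'];
		$_SESSION['uid'] = $username;
		// NOTE(review): keeping the password digest in the session exposes
		// it to anything that can read session storage. Kept because other
		// pages may read this key; remove it once they no longer do.
		$_SESSION['pass'] = $digest;

		return true;
	}

	/**
	 * End the current session: clear its data, expire the cookie and
	 * destroy the server-side record.
	 *
	 * The method name (including its spelling) is part of the public
	 * interface and is left unchanged.
	 */
	public function lougout() {
		if (session_status() !== PHP_SESSION_ACTIVE) {
			// session_destroy() only works on an active session.
			session_start();
		}
		// Drop the data held in memory so nothing later in this request
		// can still read the old login state.
		$_SESSION = array();

		if (ini_get("session.use_cookies")) {
			$params = session_get_cookie_params();
			setcookie(session_name(), '', time() - 42000, $params["path"], $params["domain"], $params["secure"], $params["httponly"]);
		}

		// Finally, destroy the session.
		session_destroy();
		// NOTE(review): 'admin' is not a "Name: value" header; presumably a
		// redirect such as 'Location: admin' was intended. Confirm.
		header('admin');
	}
}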